Friday, September 28, 2012

Security Management Weekly - September 28, 2012

September 28, 2012
Corporate Security
  1. "Gunman Kills Four, Then Self: Minneapolis Police"
  2. "IAHSS: Hospital Shootings Study Incomplete" International Association for Healthcare Security and Safety
  3. "Report on Deadly Rampage Prompts Edison to Cut Management" Southern California Edison
  4. "Foxconn China Plant Closes After Clash Involving 2,000"
  5. "Workplace Fraud Affects Bottom Lines Everywhere"

Homeland Security
  1. "Attack on U.S. Consulate in Libya Determined to Be Terrorism Tied to Al-Qaida"
  2. "As Real ID Act Deadline Nears, DHS Needs to Lead, Says GAO" Government Accountability Office
  3. "U.S. Unease Over Drone Strikes"
  4. "Deadly Attack in Libya Was Major Blow to CIA Efforts"
  5. "Secret Service Did Not Compromise Security During Colombia Prostitute Scandal: Probe"

Cyber Security
  1. "Banks Fail to Repel Cyber Threat"
  2. "In Cyberattacks, Hacking Humans is Highly Effective Way to Access Systems"
  3. "Mobile Malware Up 2,180% in Security Scare"
  4. "Forrester: Most Data Breaches Caused by Employees"
  5. "White House Said to Plan Executive Order on Cybersecurity"

Gunman Kills Four, Then Self: Minneapolis Police
Associated Press (09/28/12)

Four people were killed and four others were injured in a workplace shooting in Minneapolis on Thursday that ended with the gunman turning his weapon on himself. Police received a 911 call from someone at Accent Signage Systems at about 4:30 p.m., and witnesses nearby reported hearing roughly four to five shots. Dozens of squad cars as well as a SWAT team hurried to the business, which makes signs and employed 28 people as of July. After arriving on the scene, police took up position on a bridge overlooking Accent Signage Systems, pointing their rifles at the building and a park beneath them. Police then began evacuating employees from the business and searching for the shooter. Once police went inside, they found four victims and the shooter dead from gunshot wounds. The four people who were injured were taken to the hospital for treatment. Minneapolis Police Deputy Chief Kris Arneson said that her officers did not engage in a shootout with the gunman, though she did not specify what the motive for the shooting may have been or whether or not the shooter was an Accent Signage Systems employee. No other information was provided about the shooter.


IAHSS: Hospital Shootings Study Incomplete
SecurityInfoWatch.com (09/27/12) Rothman, Paul

The International Association for Healthcare Security and Safety (IAHSS) this week criticized a new report from Johns Hopkins University that was pessimistic about the ability of hospitals to effectively prevent shootings on their premises. According to the IAHSS, the Johns Hopkins report, titled "Hospital Based Shootings in the United States: 2000-2011," failed to provide hospitals with any clear advice or guidance to improve their security. In its statement the IAHSS said that there were several steps hospitals can and should take to enhance the security of their facilities, starting with operating a well-trained and professional security team. "A security team can help carry out a risk assessment of a facility, pinpointing specific details such as the demographics of the hospital location, economic conditions, incidents occurring throughout the community, proficiency of current security team, etc., from which a plan can be further developed," read the statement. The IAHSS also chided the Johns Hopkins researchers for failing to address the need for continual training of security forces and the implementation of workplace violence education for hospital staff, so that everyone will know what to do in the event of a shooting. "Better preparedness for an emergency event is crucial. Staff should be taught warning signs, who to call, when to call, etc.," said IAHSS President Bryan Warren.


Report on Deadly Rampage Prompts Edison to Cut Management
Los Angeles Times (09/27/12) Sewell, Abby

The electric utility Southern California Edison (SCE) announced that it would be cutting 20 percent of its IT management staff after an outside report indicated that a toxic work culture existed within the department where a disgruntled worker shot and killed two of his supervisors last December. On Dec. 16, SCE IT worker Andre Turner gunned down two of his supervisors and wounded a third before turning his gun on himself. Following the tragedy, SCE commissioned an outside assessment of its IT department and this week revealed that the report had found several cultural problems. Among these were: "a fundamental lack of leadership in many areas.... resulting in loss of trust, lack of respect, fear of retaliation, inefficient decision-making processes, poor communication, lack of work/life balance, abusive management styles, lack of management accountability, perceived absence of fairness, and shortage of recognition." SCE has already implemented enhanced security and workplace violence prevention measures as part of its response to the shooting. SCE said that while it would be eliminating some of its IT management staff, "there is nothing in the company's work environment that caused this tragedy and there is no way anyone could have anticipated these actions."


Foxconn China Plant Closes After Clash Involving 2,000
Reuters (09/24/12) Jim, Clare

Taiwan's Foxconn Technology Group closed a plant in the Chinese city of Taiyuan after approximately 2,000 people were involved in a riot at a company dormitory on Sunday. Foxconn, which makes components for Apple iPhones and other major electronic brands, has not said how long the shutdown will last at the plant that employs about 79,000 people. Police and Foxconn are reportedly working together to investigate the incident. Foxconn claims that the brawl stemmed from a personal altercation, but some unconfirmed sources maintain that the violence had started when factory guards began beating workers. This disturbance is the latest in a series of incidents at Foxconn facilities, which has faced accusations of harsh working conditions and employee abuse in China. The company claims to have been spending vast amounts of money in recent months to improve conditions and raise salaries for its 1 million workers.


Workplace Fraud Affects Bottom Lines Everywhere
AL.com (09/23/12) Swant, Martin

The total cost of occupational fraud in 2011 was around $3.5 trillion, according to a report from the Association of Certified Fraud Examiners. The report also noted that businesses lost an average of $140,000 as a result of fraud, with one in five cases of fraud causing at least $1 million in losses. This level of damage is often done over time, and companies that watch for certain "red flags" may be able to detect fraud sooner rather than later, said Kelly Todd, a certified fraud examiner at Forensic Strategic Solutions in Birmingham, Ala. "The reality of fraud is it's a problem everywhere and the footprints of the beast are the same regardless," Todd said. She noted that these "footprints" include an employee with some sort of "unsharable need," such as financial distress or addiction. In addition, Todd noted that the person must also have the means to commit the fraud and to hide it. Todd went on to describe how she and her team investigate cases of suspected fraud, a process she said often starts by looking at the suspect's cars, clothing, and houses for signs that he is living beyond what his salary should be able to pay for. They also look for employees who have suffered a loss or illness that may have produced enough stress or unforeseen bills to necessitate their actions. Then the team looks to see what kind of access the person has to corporate funds, whether there are checks and balances in place to prevent fraud, and whether there is a company culture that fosters discontent or dishonesty from the top down.




Attack on U.S. Consulate in Libya Determined to Be Terrorism Tied to Al-Qaida
Washington Post (DC) (09/27/12) Miller, Greg

U.S. intelligence officials on Thursday stated that the attack on the U.S. consulate in Benghazi, Libya, that killed Ambassador Christopher Stevens on Sept. 11 was the result of weeks of planning that likely involved members of al-Qaida in the Islamic Maghreb (AQIM). Speaking anonymously, intelligence officials said that the attack was the work of a loosely affiliated and poorly organized group of Islamist militants, for the most part affiliated with the Ansar al-Sharia militia that has been the focus of much of the blame for the attack. Officials say that at least some of the plotters and attackers may have been members of AQIM, but add that it seems unlikely that the group played a major role in the attack. One official said, "it's not so direct that you would say AQIM as an organization planned and carried this out." Officials also say that the ad hoc group of attackers seems to have cased the embassy compound and had been planning some kind of assault for a number of weeks before Sept. 11, but that the militants launched their attack on Sept. 11 to capitalize on the excitement generated by the protests outside the U.S. Embassy in Cairo earlier that day. "There's never been any intelligence, nor any I'm aware of now, that indicated that this was a plot planned months in advance to get turned on on 9/11," said one administration official. As evidence of this, officials point to the fact that, while well armed, the attackers had to rearm themselves several times, and heavy weapons such as mortars did not come into play until hours into the assault.


As Real ID Act Deadline Nears, DHS Needs to Lead, Says GAO
Fierce Homeland Security (09/26/12) Rausnitz, Zach

In a new report released Sept. 21, the Government Accountability Office (GAO) criticized the Department of Homeland Security (DHS) for not doing enough to provide compliance guidance for states hoping to make their driver's license programs comply with the Real ID Act of 2005. The Real ID Act sets minimum standards for driver's license security, and while it did not make it mandatory for states to implement these standards, the federal government has made it clear that it will soon accept only Real ID-compliant forms of identification from people boarding commercial airplanes and entering federal buildings, among other things. Thus, many states are adopting the standards for their state driver's licenses and IDs. The problem, the GAO reports, lies in spotting fraud. The variance in the quality and format of driver's licenses and other identifying documents, such as birth certificates, that citizens need in order to acquire the new Real ID-compliant IDs is so broad that it makes fraud very easy. The GAO reports that it was able to fraudulently obtain driver's licenses in numerous states using counterfeit IDs and birth certificates. While some states are working on systems to cut down on this kind of fraud, they are not likely to be complete within the decade, prompting the GAO to advise DHS to take a leading role and provide the states with interim guidance on this and other Real ID-related issues.


U.S. Unease Over Drone Strikes
Wall Street Journal (09/26/12) Entous, Adam ; Gorman, Siobhan ; Perez, Evan

Some State Department lawyers are expressing concern about the manner in which drone strikes are carried out against terrorist targets in Pakistan. As part of that process, the CIA--which runs the drone program--sends a monthly fax to a general at Pakistan's Inter-Services Intelligence (ISI) agency outlining large chunks of Pakistani territory where the U.S. is planning to carry out drone strikes. The CIA assumes that it has permission to carry out these strikes because Pakistani officials do not respond to the monthly fax, even though in public they have expressed their opposition to drone strikes on Pakistani territory. In addition, the CIA believes that it has Pakistan's permission to carry out the drone strikes because Pakistan clears the airspace in the areas where the attacks are planned. Top State Department lawyer Harold Koh and others say that the CIA's rationale for assuming that Pakistan has granted its permission for it to carry out drone strikes is shaky, though they stress that they still believe that the drone program is legal. Pakistani officials, for their part, say that they do not believe that their actions amount to consent for the U.S. to carry out drone strikes. However, Pakistani officials have refrained from shooting down American drones flying over Pakistani territory because they believe that doing so would unnecessarily provoke the U.S. Meanwhile, some in the U.K. have said that it needs to be more clear that Pakistan is actually giving its consent to the strikes, given the fact that there is a growing amount of legal scrutiny in Britain over London's involvement in the drone program. To help address the concerns of the U.K. and other allies, and to defend against legal challenges in the U.S., White House lawyers are working to develop a set of more sustainable guidelines for how governments should use unmanned drones in fighting their enemies.


Deadly Attack in Libya Was Major Blow to CIA Efforts
New York Times (09/24/12) Schmitt, Eric; Cooper, Helene; Schmidt, Michael S.

The recent attack on the U.S. consulate in Benghazi, Libya, has reportedly had a negative impact on the CIA's intelligence-gathering efforts in that country. Before the attack on the consulate, which resulted in the deaths of the U.S. ambassador to Libya and three other Americans, CIA operatives and contractors were on the ground in Benghazi performing surveillance and gathering information about the Ansar al-Sharia militia and al-Qaida in the Islamic Maghreb. Ansar al-Sharia has been blamed for the attack on the consulate. In addition, CIA operatives worked with State Department contractors and Libyan officials in tracking and securing weapons following the collapse of Muammar el-Qaddafi's government last year, including Libya's cache of chemical weapons. Members of Libya's new intelligence service have also been trained by American intelligence operatives. But in the aftermath of the attack on the consulate, roughly 12 CIA operatives and contractors who performed intelligence gathering in and around Benghazi were evacuated from the city. An American official who worked in Libya and spoke on condition of anonymity said that the withdrawal of the CIA operatives and contractors has resulted in a "catastrophic" loss of intelligence. Other senior U.S. officials, while acknowledging that efforts to gather information in Benghazi have been set back by the withdrawal of intelligence personnel from that city, say that information is still coming in from informants on the ground, intercepted cell phone conversations and other electronic forms of communication, and satellite imagery. As a result, the U.S. still has some idea as to what is going on in Benghazi and the rest of eastern Libya, an American official said.


Secret Service Did Not Compromise Security During Colombia Prostitute Scandal: Probe
Reuters (09/21/12)

In a letter sent to members of Congress last week, acting Department of Homeland Security Inspector General Charles Edwards stated that a DHS investigation had determined that a prostitution scandal involving Secret Service agents in Cartagena, Colombia, last April had not compromised security. That scandal involved some 13 members of the Secret Service who had brought prostitutes back to their hotel rooms while they were in Colombia acting as an advance team for a visit from President Barack Obama. "Although we found that these agents engaged in misconduct, our investigation developed no evidence to suggest that the actions of personnel in Cartagena compromised the safety and security of the president or any sensitive information during this trip," wrote Edwards in his letter. Edwards said that at least seven of the 13 agents have left the Secret Service and that DHS does not plan to release or discuss its report on the scandal publicly. The letter also noted that a hotel registry suggested a Defense Department official and someone from the White House may also have been involved in the scandal, possibly contradicting earlier reports by the White House that none of its staff had been involved.




Banks Fail to Repel Cyber Threat
Los Angeles Times (09/27/12) Reckard, E. Scott; Tangel, Andrew; Puzzanghera, Jim

Customers of banks including Wells Fargo, U.S. Bancorp, and Bank of America were temporarily unable to access their accounts in the last several days due to a cyber attack by a group calling itself the Izz ad-Din al-Qassam Cyber Fighters. The group has said that the attacks will continue until the inflammatory video denigrating Islam's Prophet Muhammad is removed from the Internet. The banks claim that no personal information for any of their customers was compromised or stolen; however, the banks' inability to ward off the attack raises questions about financial institutions' cyber security preparedness. Sen. Joseph Lieberman (I-Conn.) has said he believes Iran is behind the attacks, based on the massive resources required. Perhaps the most troubling feature of these denial-of-service attacks is that the group warned the banks ahead of time, yet they were still unable to stop them from cutting off access to Web sites. "The banks put a lot of effort into cyber security. But they're so desirable as a target, even with all that effort they still have problems," explained James Lewis, an expert at the Center for Strategic and International Studies in Washington. "If you can pull together enough resources, you can overwhelm any defense temporarily." Other banks affected by the attacks included JPMorgan Chase and Citigroup. Another attack has been threatened against PNC Financial on Sept. 27.


In Cyberattacks, Hacking Humans is Highly Effective Way to Access Systems
Washington Post (09/27/12) O'Harrow Jr., Robert

A recent campaign of cyber attacks targeting national security firms, intelligence contractors, energy companies, and industrial control security specialists in the U.S. is just the latest such campaign by a Chinese hacker group that uses the latest in social engineering attacks to hit its targets. The attacks, which hit organizations including the Chertoff Group, the National Geospatial-Intelligence Agency, the National Electrical Manufacturers Association, and numerous others, were just the latest campaign of a group that security researchers have dubbed the "Comment Crew," which may have ties to the Chinese government and/or military. The Comment Crew has been on security researchers' radar for almost a decade, and it specializes in social engineering attacks. This latest round made use of meticulously researched and targeted spear phishing e-mails. The scheme was finally spotted after a worker at security firm Digital Bond caught one of the spear phishing e-mails, which by all appearances seemed to be from his boss, except that it was signed with the superior's last name rather than his first name. The Comment Crew is also making use of even more sophisticated social engineering techniques, such as phone calls directly to targeted individuals and the use of "watering hole" attacks, which aim to ensnare targets by luring them to popular Web sites laden with malicious code.


Mobile Malware Up 2,180% in Security Scare
Network World (09/26/12) Jary, Simon

The security research firm ABI Research says that it has seen a massive spike in the number of unique malware variants for mobile devices. Between the first and second quarters of 2012, ABI says it has seen the number of unique mobile malware variants rise by 2,180 percent to a total of 17,439. The firm says that this is likely to feed the mobile device security market, which it estimates will be worth $398 million by the end of 2012. Already countless firms have thrown their hat into the ring, offering a wide variety of security apps, devices, and services for the mobile sector. Among them, ABI has some clear favorites. For anti-malware, anti-theft, and privacy concerns, the firm suggests products from AVG Technologies, Lookout, and Avast Software. Among the most innovative offerings are those from Lookout, Dr. Web, and TrustGo, while the vendors with the best implementation are Ikarus and security stalwarts McAfee and Kaspersky Lab.


Forrester: Most Data Breaches Caused by Employees
Computerworld UK (09/24/12) Dunn, John E.

Forrester Research polled more than 7,000 IT executives and everyday employees across North America and Europe and found that most data breaches are the result of mundane events such as workers losing corporate assets, having them stolen, or simply misusing them unwittingly. More than 30 percent of respondents cited simple loss or theft as the cause of data breaches, compared to 27 percent who cited inadvertent misuse by an employee. Other frequent sources of breaches, according to the report, include loss or theft of corporate assets, such as laptops or USB drives, and external attacks that target corporate servers or users. Meanwhile, most organizations say they have created policies for securing mobile devices, although they do not have the resources to enforce them. Thirty-nine percent worried about the lack of data breach protection on mobile devices, while 30 percent said there was not adequate separation between consumer and corporate data on mobile devices. Nearly one in four respondents said they are not using any type of data protection at all.


White House Said to Plan Executive Order on Cybersecurity
Reuters (09/24/12) Menn, Joseph

The White House is expected to issue a new cyber security order that will require federal agencies to draft voluntary security measures for the owners of critical infrastructure, such as water and electric plants. Officials commenting on the order said that some of it was based on a Senate bill defeated over the summer due to industry objections about more regulation. The order will also include a mandate for the Department of Homeland Security to create a cyber security committee that will include representatives from the Department of Defense, the Department of Justice, and other agencies responsible for security and intelligence. Federal agencies will reportedly have 90 days to draft the voluntary regulations. The impending release of the cyber security order comes as intelligence officials are warning that there could be destructive cyber attacks on electric power plants, banks, and stock exchanges in the future.


Abstracts Copyright © 2012 Information, Inc. Bethesda, MD

